Colonial Pipeline Paid Ransomware Hackers $5M In Cryptocurrency: Report

Colonial Pipeline Co. paid nearly $5 million in untraceable cryptocurrency to the ransomware who shut down the nation’s largest fuel pipeline, according to a Bloomberg report sourcing “two people familiar with the transaction.”

What Happened: The payment was made on May 7, the day after the ransomware attack took place. Upon receiving their ransom, the hackers provided the decrypting tool needed to restore the Colonial Pipeline computer network that became imprisoned within their ransomware. However, the tool was reportedly so slow in working that the company used its own backups to speed the restoration of the system, according to Bloomberg.

The news of the ransom payment contradicts media reports that said the company had no plans to negotiate with the hackers, who have been identified by the FBI as members of DarkSide, a digital extortionist operation believed to be located in Russia or Eastern Europe.

Related Link: 3 ETFs To Play A Potential Energy Crisis

Why It Matters: According to the investigators, the hackers took nearly 100 gigabytes of data from the Alpharetta, Georgia-based company's network in a two-hour operation. Colonial Pipeline halted its operations upon learning of the hack, which resulted in fuel shortages along the East Coast.

Although the FBI has encouraged companies not to pay ransom to hackers, Deputy National Security Advisor Anne Neuberger told reporters earlier this week that “companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data.”

Colonial Pipeline is a private company owned by CDPQ Colonial Partners, LP; IFM (US) Colonial Pipeline 2, LLC; KKR-Keats Pipeline Investors, LP; Koch Capital Investments Company, LLC; and Shell Midstream Operating, LLC. Publicly traded parent companies in that mix include private equity giant KKR & Co. KKR and Royal Dutch Shell Plc RYDAF.

(Illustration by Mohamed Hassan / Pixabay.)